Skip to content

vint21h/django-security-txt

BranchesTags

Repository files navigation

A django-security-txt documentation

GitHub Coveralls License Version Supported Python version Supported Django version Package format Python wheel support Package status

django-security-txt is a Django reusable application to handle security.txt (http://securitytxt.org/)

Contents

Installation

  • Obtain your copy of source code from the git repository: $ git clone https://github.com/vint21h/django-security-txt.git. Or download the latest release from https://github.com/vint21h/django-security-txt/tags/.
  • Run $ python ./setup.py install from the repository source tree or the unpacked archive. Or use pip: $ pip install django-security-txt.

Configuration

  • Add "security_txt" to settings.INSTALLED_APPS:
# settings.py

INSTALLED_APPS += [
    "phonenumber_field",
    "security_txt",
]
  • Add "security_txt" to your URLs definitions:
# urls.py

from django.urls import re_path


urlpatterns += [
    re_path(r"^.well-known/security\.txt", include("security_txt.urls")),
]

Settings

SECURITY_TXT_EXPIRES
Indicates the date and time after which the data contained in the "security.txt" file is considered stale and should not be used. Defaults to None.
SECURITY_TXT_PREFERRED_LANGUAGES
Used to indicate a set of natural languages that are preferred when submitting security reports. Defaults to None.
SECURITY_TXT_SIGN
Sign "security.txt" using PGP. Defaults to False.
SECURITY_TXT_SIGNING_KEY
Path to PGP key. Defaults to "".

Advanced features

If you want to sign your "security.txt":

  • Install django-security-txt with additional dependencies: $ pip install django-security-txt[pgp].
  • Configure:
# settings.py

SECURITY_TXT_SIGN: bool = True
SECURITY_TXT_SIGNING_KEY: str = "/path/to/key.asc"

Contributing

  1. Fork it
  2. Install GNU Make
  3. Install and configure pyenv and pyenv-virtualenv plugin
  4. Install and configure direnv
  5. Create environment config from example
cp .env.example .env
  1. Install development dependencies:
make install
  1. Create your fix/feature branch:
git checkout -b my-new-fix-or-feature
  1. Check code style and moreover:
make check
  1. Run tests:
make test
  1. Push to the branch:
git push origin my-new-fix-or-feature
  1. Create a new Pull Request

Licensing

django-security-txt is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (a t your option) any later version. For complete license text see COPYING file.

Contacts

Project Website: https://github.com/vint21h/django-security-txt/

Author: Alexei Andrushievich <vint21h@vint21h.pp.ua>

For other authors list see AUTHORS file.

About

Handle security.txt

Topics

python security django securitytxt

Resources

Readme

License

GPL-3.0 license

Security policy

Security policy
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

8 tags

Packages

No packages published

Languages